I think you're right about that - a CCCD should not be set to one unless the peer writes to it. What I'm not so sure about is whether it is prohibited to send a notification to an unsubscribed peer. I didn't see any language in the spec indicating that this is illegal. The ability to send unsolicited notifications is useful, and I don't see a reason why it shouldn't be allowed.
I agree it's somewhat ambiguous or open to interpretation at present, but in the case of something as critical as newtmgr over BLE (OTA DFU etc.), it probably makes sense to take the safe approach and add the CCCD to a characteristic and have the peer explicitly set the notify bit before the response data is sent?
Having the possibility to send unsolicited notifies has some merit, and personally I don't have any objections to it being included as an option in NimBLE, but I wouldn't rely on those assumptions for newtmgr over BLE. Just my opinion though and curious to hear what other people think.
